Gödel's functional "Dialectica" interpretation can be used to extract functional programs from
non-constructive proofs in arithmetic by employing two sorts of higher-order witnessing terms: positive
realisers and negative counterexamples. In the original interpretation decidability of atoms is required
to compute the correct counterexample from a set of candidates. When combined with recursion, this
choice needs to be made for every step in the extracted program; however, in some special cases the
decision on negative witnesses can be calculated only once. We present a variant of the interpretation
in which the time complexity of extracted programs can be improved by marking the chosen witness
and thus avoiding recomputation. The achieved effect is similar to using an abortive control operator
to interpret computational content of non-constructive principles.



1 Introduction 



Gödel's Dialectica interpretation [5] is one of the first systematic methods for obtaining computational
content from proofs in classical arithmetic. Different variants of the interpretation have been proposed to
aid "proof mining" — looking for constructive information inside what appears to be a non-constructive
argument (e.g. [9]). Particularly interesting is the case where terms of non-ground types (i.e., functional
programs) are being automatically obtained from a weak existence proof. The extracted algorithms usually
calculate the witness for the existential quantifier in an indirect manner, often obscure and surprising.
There are also a number of competing techniques for program extraction like (refined) A-translation
ElUl, Krivine's realisability, control operators [6], the $\lambda\mu$-calculus ifTTI and others. All of these methods
systematically find correct programs, but the relations between them are still being investigated.

Another topic of ongoing research is whether such approaches are feasible for practical extraction
of sufficiently efficient correct algorithms. Even though many automatic software systems for handling
large proof objects are being actively developed, additional work is needed to identify and remove possible
redundancies, so that the extracted programs are more readable, shorter and faster. Examples of
such optimisations include uniform decorations [1, 7, 12], soundness-preserving program transformations
[10] and avoiding syntactic repetition [16]. In the present paper we suggest another such technique for
the Dialectica interpretation, which marks computed counterexamples that are determined to be valid.
We demonstrate how in certain cases this approach can reduce the average time complexity of the obtained
program by terminating recursive search immediately after a correct counterexample is found.
The suggested change is an extension of the interpretation variant given in ifTol . The reason is that even
though counterexample marking can be formally applied directly to the original Dialectica interpretation,
its practical effects are only visible when (at least) syntactic repetition is avoided.
2 Negative Arithmetic

We work in a restriction of Heyting Arithmetic with finite types (denoted $\mathrm{HA}^\omega$ in ifTTlO to the language
of $\to$ and $\forall$. We refer to the resulting system as Negative Arithmetic ($\mathrm{NA}^\omega$).

Definition 1. Types ($\rho, \sigma$), (object) terms ($s, t$) and formulas ($A, B$) are defined as follows:

$$\rho, \sigma ::= \mathbb{B} \mid \mathbb{N} \mid \alpha \mid \rho \Rightarrow \sigma \mid \rho \times \sigma$$
$$s, t ::= x^\rho \mid (\lambda x^\rho\, t^\sigma)^{\rho \Rightarrow \sigma} \mid (s^{\rho \Rightarrow \sigma}\, t^\rho)^\sigma \mid (s^\rho, t^\sigma)^{\rho \times \sigma} \mid (t^{\rho \times \sigma}\llcorner)^\rho \mid (t^{\rho \times \sigma}\lrcorner)^\sigma \mid$$
$$A, B ::= \mathrm{at}(t^{\mathbb{B}}) \mid A \to B \mid \forall x^\rho A$$

The base types of booleans $\mathbb{B}$ and natural numbers $\mathbb{N}$ are equipped with the usual constructors and structural
recursor constants. Here $x$ denotes a typed object variable and $\alpha$ denotes a type variable. Freely
occurring type variables allow for a restricted form of polymorphism. The sets of free variables $\mathrm{FV}(t)$,
$\mathrm{FV}(A)$ and bound variables $\mathrm{BV}(t)$, $\mathrm{BV}(A)$ are defined inductively as usual. Substitution of terms for
object variables $s[x := t]$, $A[x := t]$ is by default assumed to be capture-free with respect to abstraction
and quantification.

The operational semantics of object terms are given by the usual $\beta$-reduction rules and computation
rules for the recursor constants:

$$(s,t)\llcorner \mapsto s, \qquad (s,t)\lrcorner \mapsto t, \qquad (\lambda x\, s)\,t \mapsto s[x := t],$$
$$\mathcal{C}\,\mathrm{tt}\,t_1\,t_2 \mapsto t_1, \qquad \mathcal{R}\,0\,s\,t \mapsto s,$$
$$\mathcal{C}\,\mathrm{ff}\,t_1\,t_2 \mapsto t_2, \qquad \mathcal{R}\,(\mathrm{S}n)\,s\,t \mapsto t\,n\,(\mathcal{R}\,n\,s\,t).$$

We will make use of the following "let" notation for a $\beta$-redex:

$$\mathbf{let}\ x := t\ \mathbf{in}\ s \;:=\; (\lambda x\, s)\,t.$$

We express derivations in a natural deduction system with a similar syntax to that of object terms
to stress the Curry-Howard correspondence. Proof terms are typed by their conclusion formulas and are
built from assumption variables.

Definition 2. Proof terms ($M, N$) of $\mathrm{NA}^\omega$ are defined as follows:

$$M, N ::= u^A \mid (\lambda u^A M^B)^{A \to B} \mid (M^{A \to B} N^A)^B \mid$$
$$(*)\ (\lambda x^\rho M^{A(x)})^{\forall x^\rho A(x)} \mid (M^{\forall x^\rho A(x)}\, t^\rho)^{A(t)} \mid$$
$$\mathrm{AxT} : \mathrm{at}(\mathrm{tt}) \mid \mathrm{Cases}_{A(b)} : \forall b^{\mathbb{B}} (A(\mathrm{tt}) \to A(\mathrm{ff}) \to A(b)) \mid$$
$$\mathrm{Ind}_{A(n)} : \forall n^{\mathbb{N}} (A(0) \to \forall n^{\mathbb{N}} (A(n) \to A(\mathrm{S}n)) \to A(n))$$

with the usual variable condition (*) that the object variable $x$ does not occur freely in any of the open
assumptions of $M$. The sets of free variables $\mathrm{FV}(M)$ and free (open) assumption variables $\mathrm{FA}(M)$ as well
as capture-free substitutions $M[x := t]$ and $M[u := N]$ are defined inductively as usual.

The truth axiom AxT defines the logical meaning of $\mathrm{at}(\cdot)$ and allows us to consider any boolean
valued function defined in our term system as a decidable predicate. When we write for example $n = m$,
we actually mean $\mathrm{at}(\mathrm{Eq}\,n\,m)$, where $\mathrm{Eq}^{\mathbb{N} \Rightarrow \mathbb{N} \Rightarrow \mathbb{B}}$ is a term defining the decidable equality for natural
numbers.
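In our negative language defining falsity as $F := \mathrm{at}(\mathrm{ff})$ already gives us the full power of classical
logic. In particular, for a formula $A$ we can prove Ex falso quodlibet (efq): $\vdash F \to A$ and Stability:
$\vdash ((A \to F) \to F) \to A$ by meta induction on $A$, using AxT and Cases for the base case. We will thus use
the abbreviations $\neg A := A \to F$ and $\exists x^\rho A := \neg\forall x^\rho \neg A$.

The term system in consideration is essentially Gödel's T and the reduction relation $\mapsto$ is well-known
to be strongly normalising and confluent. Thus, instead of insisting that object terms appearing
in formulas of proof rules match exactly, we require them only to have the same $\eta$-long normal form;
this equality will be denoted by $=$. Note that we make no such assumption for extracted programs or for
proof terms themselves.

Notation. For technical convenience we will use $\varepsilon$ for denoting a special nulltype, i.e., lack of
computational content. By abuse of notation we also use $\varepsilon$ to denote all terms of nulltype. We stipulate
that the following simplifications are always carried out implicitly:

$$\rho \times \varepsilon \rightsquigarrow \rho, \quad t^{\rho \times \varepsilon}\llcorner \rightsquigarrow t, \quad (t, \varepsilon) \rightsquigarrow t, \quad \rho \Rightarrow \varepsilon \rightsquigarrow \varepsilon, \quad \lambda x\,\varepsilon \rightsquigarrow \varepsilon, \quad \varepsilon\,t \rightsquigarrow \varepsilon,$$
$$\varepsilon \times \rho \rightsquigarrow \rho, \quad t^{\varepsilon \times \rho}\lrcorner \rightsquigarrow t, \quad (\varepsilon, t) \rightsquigarrow t, \quad \varepsilon \Rightarrow \rho \rightsquigarrow \rho, \quad \lambda x^{\varepsilon}\,t \rightsquigarrow t, \quad t\,\varepsilon \rightsquigarrow t, \qquad (\varepsilon)$$
$$\forall x^{\varepsilon} A \rightsquigarrow A, \quad M\,\varepsilon \rightsquigarrow M.$$

Consequently, to simplify presentation all $\varepsilon$ terms will be silently omitted, as they hold no computational
content.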

3 Quasi-linear Dialectica interpretation 

We will briefly outline the variant of the Dialectica interpretation which was presented in [16]. It allows
extraction of more efficient programs by avoiding syntactic repetition of subterms. In particular, it turns
out that the size of the extracted terms depends almost linearly on the proof size. The present paper will
build upon this interpretation to improve efficiency of recursion even further.

The general idea behind avoidance of syntactic repetition is to factor out common subterms as much
as possible in the positive and negative content during the extraction process. To achieve this we use
definition contexts — a tool which allows us to gradually accumulate the common part of all witnesses
of a given proof. In order to apply this technique, the definition of the Dialectica computational types
needs to be slightly revised so that we use uncurried function types instead of curried ones, because both
the partial and the full application of an uncurried function to a variable increase the term size by a
constant.

We start with some preliminary notations. We use $[\cdot]$ to denote size of terms, formulas and proofs.
For a proof $M$ we define its maximal sequent length $\|M\|$ as $\max_{N < M} |\mathrm{FA}(N)|$, where $N < M$ is the
subproof relation. The rest of the needed definitions are presented below.

Definition 3. Let us fix a type variable $o$ and an object variable $[]$ of type $o$, which will be referred to as
"a hole". A definition context $E$ is a term built by the following rules:

$$E ::= []^{o} \mid (E^{\rho \Rightarrow \sigma}\, t^\rho)^\sigma \mid (\lambda x^\rho E^\sigma)^{\rho \Rightarrow \sigma},$$

where $t$ does not contain the type $o$. For a definition context $E^\rho$ and term $t^\sigma$, we define the term $E[t]$ ($t$ in
the context $E$) as $E[o := \sigma][[] := t]$, where, contrary to our usual convention, the free variables of $t$ are
allowed to be bound by abstractions in $E$.



In contrast, full application of a curried function needs a variable for each parameter. 
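Definition 4. We define the partial application of the (uncurried) function $f$ to the term $t$ as

$$f^{\rho \Rightarrow \tau} \circ t^\rho := f\,t,$$
$$f^{\rho \times \sigma \Rightarrow \tau} \circ t^\rho := \lambda x^\sigma\, f(t, x), \text{ where } x \text{ is a fresh variable.}$$

Definition 5. We extend the projection operations $\llcorner$ and $\lrcorner$ to functions:

$$f^{\rho \Rightarrow \sigma \times \tau}\llcorner := \lambda x^\rho\, f x \llcorner, \qquad f^{\rho \Rightarrow \sigma \times \tau}\lrcorner := \lambda x^\rho\, f x \lrcorner.$$

Definition 6. For a formula $A$ we define the positive and negative computational types ($\sigma^+(A)$ and
$\sigma^-(A)$). We will also denote $\sigma^*(A) := \sigma^-(A) \Rightarrow \sigma^+(A)$. We define:

$$\sigma^+(\mathrm{at}(b)) := \varepsilon, \qquad \sigma^-(\mathrm{at}(b)) := \varepsilon,$$
$$\sigma^+(A \to B) := \sigma^+(B) \times \sigma^-(A), \qquad \sigma^-(A \to B) := \sigma^*(A) \times \sigma^-(B),$$
$$\sigma^+(\forall x^\rho A) := \sigma^+(A), \qquad \sigma^-(\forall x^\rho B) := \rho \times \sigma^-(B).$$

Definition 7. For $r : \sigma^*(A)$, $s : \sigma^-(A)$ we define $|A|^r_s$ as follows: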



|at(6)|:=at(&), \VxA\ r s := |A( JL )| 
|A^<:=|A|'L^|B|.ir )L - 



ro.v L 



The soundness theorem for the new variant of the interpretation follows a similar pattern to the usual
soundness proof. On every inductive step we define:

1. a definition context $[\![M]\!] : \sigma^-(A) \Rightarrow o$

2. a context-dependent positive witnessing term $[\![M]\!]^+ : \sigma^+(A)$

3. context-dependent negative witnessing terms $[\![M]\!]^-_i : \sigma^-(C_i)$

The final extracted term will be obtained by putting the context-dependent terms inside the context:

$$\{|M|\} := [\![M]\!][([\![M]\!]^+, \ldots, [\![M]\!]^-_i, \ldots)].$$

We will refer to the separate components put in the context as follows:

$$\{|M|\}^+ := [\![M]\!][[\![M]\!]^+], \qquad \{|M|\}^-_i := [\![M]\!][[\![M]\!]^-_i].$$

Theorem 1 (Soundness of quasi-linear extraction). Let $\mathcal{P} : A$ be a proof in $\mathrm{NA}^\omega$ from assumptions $u_i : C_i$.
Let $x_i : \sigma^*(C_i)$ and $y_A : \sigma^-(A)$ be fresh variables. Then there is a term $\{|\mathcal{P}|\}$, satisfying the following
conditions:

i. we can prove $|A|^{\{|\mathcal{P}|\}^+}_{y_A}$ from $|C_i|^{x_i}_{\{|\mathcal{P}|\}^-_i y_A}$,
ii. $\mathrm{FV}(\{|\mathcal{P}|\}) \subseteq \mathrm{FV}(\mathcal{P}) \cup \{x_i\}$,
iii. $[\{|\mathcal{P}|\}] < K([\mathcal{P}] + \|\mathcal{P}\|^2)$ for a fixed constant $K$, not depending on
4 A special case of recursion

A specific feature of the Dialectica interpretation which allows us to embed classical logic into a quantifier-free
constructive system is the extraction of counterexamples. In our negative language, in order to prove
$\exists x A$ we need to use the assumption $\forall x \neg A$ to derive a contradiction. The non-trivial use of classical
logic comes where we use this assumption more than once. In the extracted term this corresponds to
deciding between counterexamples by checking the validity of the quantifier-free translation $|A|^x$. An
extreme example of this phenomenon is the interpretation of induction, which corresponds to using the
induction hypothesis an unbounded number of times. This is reflected by a case distinction on every
recursive step in the recursively defined programs for computing counterexamples for open assumptions.
However, there is a special case of the induction scheme in which a case distinction on every step is
redundant and, moreover, can lead to an unnecessary increase of complexity.

Let $\mathcal{P} := \mathrm{Ind}^{\mathbb{N}}_{A(n)}\, n\, M^{A(0)}\, (\lambda n, v^{A(n)}\, N^{A(n+1)})$ be a proof by induction from assumptions $u_i : C_i$.
Consider the case where $\sigma^-(A) = \varepsilon$. For the sake of simplicity let us assume that we have only one open
assumption $u : C$ and let us omit all indices. By the usual soundness theorem (cf. [13]) we obtain the
following extracted terms:

m + ■= ^n[[M]] + (ln,x v [[N}} + ) 

■= &nltq- (kn,paiq-S)&p), far §:=[*,:= 



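where $\bowtie$ is a case distinction operator, defined as follows:

$$t_1 \bowtie t_2 := \begin{cases} t_1, & \text{if } u : C \notin \mathrm{FA}(N), \\ t_2, & \text{if } u : C \notin \mathrm{FA}(M), \\ \mathcal{C}\,|C|^x_{t_1}\,t_2\,t_1, & \text{otherwise.} \end{cases}$$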



Note that the case distinction operator depends not only on the assumption u, but on the proof branches 
M and N as well. To keep notation simpler we do not make this dependency explicit; the referred proof 
will be clear from the context. 

We first notice that the computation of $[\![\mathcal{P}]\!]^+$ is linear in $n$. However, in each recursive step of
$[\![\mathcal{P}]\!]^-$, in order to compute $[\![N]\!]^-$, we invoke a sub-computation of $[\![\mathcal{P}]\!]^+$ for the current value of $n$. This
makes the computation of $[\![\mathcal{P}]\!]^-$ at least quadratic in $n$. In the general case of treatment of induction
this cannot be avoided. However, in the case where $\sigma^-(A) = \varepsilon$ it is easy to see that we can compute
positive and negative content simultaneously:

{in + An-)-=@n{\MtAMT) 

r Xn,x v ,(p + ,p_)(l[N]} + p + ,([[N]]-t;')&P- 



where $\xi := [x_v := p^+]$. Thus, as shown in [16], by avoiding recomputation we might improve worst time
complexity of the program. However, in this special case we can optimise even further. For a fixed $n$,
$[\![\mathcal{P}]\!]^-$ can be seen as performing a linear search for a counterexample for $C$ among the $n$ candidates in
the listL" := {IMT,{WVV [» := *])*<*-i). Formally, 

\ C \\n- ° A I C Il» and 3K < n \&f = L\. 

k<n 



"Here we refer to the full induction rule, not to the commonly considered assumptionless induction rule. 
The definition of $\bowtie$ is asymmetric: it performs the counterexample check on one of its operands
only (cf. [14]). In the considered case, $[\![\mathcal{P}]\!]^-$ always returns the last possible counterexample in the
list $L^n$, i.e., $\forall k > K\ |C|^x_{L^n_k}$. This behaviour seems inefficient and a simple idea to change it is to reverse
the operands of $\bowtie$ in the definition of $[\![\mathcal{P}]\!]^-$. Indeed, in this case we would return the first possible
counterexample from $L^n$, i.e., $\forall k < K\ |C|^x_{L^n_k}$. Unfortunately, this will not improve the efficiency of the
extracted program, because it will still perform $n$ steps, computing all elements from the list $L^n$ and
performing $n - 1$ case distinctions. It is clearly sufficient to terminate the recursion as soon as we find
the first index $K$ for which $\neg|C|^x_{L^n_K}$. Although this will not change the worst time complexity of the
program, it might improve the average time complexity, in case the expected value of $K$ is lower than
$O(n)$.

Such an earlier terminating search could be implemented by adding a boolean flag b, which specifies 
whether a counterexample is already found. For example: 

(m\(m-,b)):=^n([[M]]\([[M}]-^)) 

(xn,x v ,( P+ ,(p-,b)) Om + p+, p-*im~? 

where $t_1 \bowtie t_2 := \mathcal{C}\,b\,(t_1, \mathrm{tt})\,(\mathcal{C}\,|C|^x_{t_1}\,(t_2, \mathrm{ff})\,(t_1, \mathrm{tt}))$.

Note that the assumption $\sigma^-(A) = \varepsilon$ is important, otherwise $p^-$ would be a function, applied to a
term depending on $n$ on each recursive step. This would prevent us from using the information that a
counterexample is found on an earlier step to terminate the recursion.

In [13] Ratiu and the author considered the Infinite Pigeonhole Principle as a case study for program
extraction from non-constructive proofs. There we showed that the refined A-translation method extracts
a program which has exponential worst time complexity, but polynomial average time complexity,
while the program extracted by Dialectica is exponential in both the worst and the average case. However,
the optimisation described in this section applies and we can obtain a Dialectica program which
has polynomial average time complexity, like the one extracted by refined A-translation.

The considered early termination of the recursive process is very reminiscent of an abortive control
operator 0, where immediate transfer of the program flow control occurs. As discussed in [13], similar
situations occur with programs extracted by refined A-translation. For the case study discussed there, it
seemed that this feature had an important contribution in achieving better average time complexity. This
suggestion is reaffirmed by the fact that adding such an optimisation to the Dialectica interpretation has
the same favourable effect on extracted programs.

5 Marked counterexamples 

As was discussed in Section 4, the programs extracted with the original Dialectica interpretation do not
take advantage of the information about the validity of a counterexample where a case distinction is needed.
The case distinction construction $t_1 \bowtie t_2$ forces us to choose between two candidate counterexamples $t_1$
and $t_2$ for the assumption $u : C$. The choice is made by direct checking of the decidable Dialectica translation
of the formula $C$ for one of the counterexamples. What is not taken into account is that if the check
confirms the existence of a counterexample, all further computation of witnesses and counterexamples is
pointless. In a certain sense, this can be viewed as avoiding both

1. recomputation — the validity of the counterexample is rechecked if we have more than two occurrences
of the assumption $C$,
2. redundant computation — all further counterexamples and witnesses computed are not needed for
a sound verification proof.

It is important to note that the common context approach from [16] seems inapplicable for avoiding
this kind of recomputation. The reason is the underlying difference between repeated subterms and the
recomputation considered here. We can detect duplicated terms during the extraction process and we use
a shared context to avoid them. However, the counterexample decision happens during the evaluation of the
program and, depending on the input parameters, recomputation might or might not occur. Attempting
to use a shared context would imply precomputation of all possible case distinctions, which could be
much worse than recomputing only one case distinction.

We will thus follow a different idea. As was already hinted in Section 4, an additional marker will be
attached to each extracted counterexample, carrying information about its validity. We will use $\mathbb{B}_\bot$ with
three constants: tt, ff and $\bot$, as a type for markers.

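Definition 8. For a formula $A$ we will re-define the positive and negative computational types denoting
the new variants as $\rho^+(A)$ and $\rho^-(A)$. We will also denote $\rho^*(A) := \rho^-(A) \Rightarrow \rho^+(A)$ and $\rho^{\ominus}(A) :=
\mathbb{B}_\bot \times \rho^-(A)$. We define:

$$\rho^+(\mathrm{at}(b)) := \varepsilon, \qquad \rho^-(\mathrm{at}(b)) := \varepsilon,$$
$$\rho^+(A \to B) := \rho^+(B) \times \rho^{\ominus}(A), \qquad \rho^-(A \to B) := \rho^*(A) \times \rho^-(B),$$
$$\rho^+(\forall x^\sigma A) := \rho^+(A), \qquad \rho^-(\forall x^\sigma B) := \sigma \times \rho^-(B).$$

For clarity $t \blacktriangleright m$ will denote that $t$ is marked by $m$. Consequently, when we write $t \blacktriangleright m = s$, we will
mean that $m = s\llcorner$ and $t = s\lrcorner$. The marker constants have the following intended meaning:

• $t \blacktriangleright \bot$ — we have no information yet about the validity of $|C_i|^{x_i}_t$,

• $t \blacktriangleright \mathrm{ff}$ — we have checked that $\neg|C_i|^{x_i}_t$,

• $t \blacktriangleright \mathrm{tt}$ — $t$ is an arbitrarily chosen term and we should prefer another candidate counterexample
without the need to check $|C_i|^{x_i}_t$.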

The change in the positive type in the implication case of the translation leads to a slight adjustment to 
the Dialectica translation (emphasized by a box below): 

\A^B\{:=\A\%^\B\^. 
The essential use of the marker comes in the definition of case distinction terms. 

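Lemma 1. For every formula $C$ and variable $x : \rho^*(C)$ there is a term $\Gamma^x_C : \rho^{\ominus}(C) \Rightarrow \rho^{\ominus}(C) \Rightarrow \rho^{\ominus}(C)$
with $\mathrm{FV}(\Gamma^x_C) \subseteq \mathrm{FV}(C) \cup \{x\}$, such that for $t_1, t_2 : \rho^{\ominus}(C)$ from the assumptions $u_i : (m_i = \mathrm{ff} \to \neg|C|^x_{s_i})$
we can prove

$$A_i : (m \neq \mathrm{tt} \to |C|^x_s) \to (m_i \neq \mathrm{tt} \to |C|^x_{s_i}),$$
$$B : m = \mathrm{ff} \to \neg|C|^x_s,$$

where $s_i \blacktriangleright m_i = t_i$ and $s \blacktriangleright m = \Gamma^x_C t_1 t_2$.

Proof. Define

$$\Gamma^x_C (s_1 \blacktriangleright m_1)(s_2 \blacktriangleright m_2) := \mathcal{C}\,(\Gamma_\vee (m_2 = \mathrm{tt})(m_1 = \mathrm{ff}))\; t_1\; (\mathcal{C}\,(\Gamma_\vee (m_1 = \mathrm{tt})(\Gamma_\vee (m_2 = \mathrm{ff})(\Gamma_C\, x\, s_1)))\; t_2\; (s_1 \blacktriangleright \mathrm{ff})),$$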
$$\begin{array}{c|ccc}
m_1 \backslash m_2 & \mathrm{tt} & \mathrm{ff} & \bot \\ \hline
\mathrm{tt} & D_1 & D_2 & D_2 \\
\mathrm{ff} & D_1 & D_1 & D_1 \\
\bot & D_1 & D_2 & ?
\end{array}$$

Table 1: Case analysis for $\Gamma^x_C t_1 t_2$

where $\Gamma_\vee := \lambda x, y\; \mathcal{C}\,x\,\mathrm{tt}\,y$ and $\Gamma_C$ is such that $\mathrm{at}(\Gamma_C\,x\,y) \leftrightarrow |C|^x_y$. It is clear that

$$\mathrm{at}(\Gamma_\vee\,x\,y) \leftrightarrow (\neg\mathrm{at}(x) \to \mathrm{at}(y)) \leftrightarrow (\neg\mathrm{at}(y) \to \mathrm{at}(x)).$$

Let us denote $D_i := (\Gamma^x_C t_1 t_2 = t_i)$. It is easy to see that

• $D_i$ immediately implies $A_i$ and also $B$ by $u_i$

• $m_i = \mathrm{tt}$ immediately implies $A_i$

• $D_i \wedge (m_i = \mathrm{ff})$ implies $\neg|C|^x_s$ by $u_i$, which contradicts the premise $m \neq \mathrm{tt} \to |C|^x_s$, implying
both $A_1$ and $A_2$.

Table 1 summarizes the validity of $D_i$ depending on the values of $m_1$ and $m_2$. It can be checked that the
arguments above are sufficient to establish the validity of $A_1$, $A_2$ and $B$ in all cases except the one marked
by '?'. In order to complete the proof we assume that $m_1 = m_2 = \bot$ and consider cases on the decidable
formula $|C|^x_{s_1}$.

Case $|C|^x_{s_1}$. $D_2$ holds, thus we have only $A_1$ to prove. However, the conclusion of $A_1$ is exactly what
we assumed in this case.

Case $\neg|C|^x_{s_1}$. We have $s = s_1$, which implies that $\neg|C|^x_s$, proving $B$. On the other hand, $m = \mathrm{ff}$, which
contradicts the premise $m \neq \mathrm{tt} \to |C|^x_s$, implying both $A_1$ and $A_2$.

Finally, assuming that $\Gamma_C$ is a variable bound by an external definition context as in [16], we see that
$[\Gamma^x_C t_1 t_2] < [t_1] + [t_2] + K$ for some constant $K$, not dependent on $C$, $t_1$ or $t_2$. □
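The marked case distinction of Lemma 1, as an added Python example (not code from the paper). It reads the definition in the proof above as: return $t_1$ if $m_2 = \mathrm{tt}$ or $m_1 = \mathrm{ff}$; otherwise return $t_2$ if $m_1 = \mathrm{tt}$, $m_2 = \mathrm{ff}$ or $|C|^x_{s_1}$ holds; otherwise return $s_1$ marked ff. The names `gamma`, `case_table`, `lemma_holds`, `search_unmarked` and `search_marked` and the sample predicate are constructed for illustration, and the two searches model the linear search of Section 4 as a left-to-right fold over the candidates.

```python
from enum import Enum
from itertools import product


class Mark(Enum):
    TT = "tt"    # arbitrary term: prefer the other candidate, no check needed
    FF = "ff"    # checked: the term refutes C (a valid counterexample)
    BOT = "bot"  # no information yet


def gamma(holds, t1, t2):
    """Marked case distinction; holds(s) decides |C|^x_s, t_i = (s_i, m_i)."""
    (s1, m1), (_, m2) = t1, t2
    if m2 is Mark.TT or m1 is Mark.FF:
        return t1
    if m1 is Mark.TT or m2 is Mark.FF or holds(s1):
        return t2
    return (s1, Mark.FF)  # s1 was just checked and refutes C


def case_table():
    """Recompute Table 1: 'D1'/'D2' if gamma always returns t1/t2, else '?'."""
    table = {}
    for m1, m2 in product(Mark, repeat=2):
        t1, t2 = ("s1", m1), ("s2", m2)
        picks = set()
        for c1 in (True, False):  # both truth values of |C|^x_{s1}
            r = gamma(lambda s: c1, t1, t2)
            picks.add("D1" if r == t1 else "D2" if r == t2 else "?")
        table[(m1, m2)] = picks.pop() if len(picks) == 1 else "?"
    return table


def lemma_holds():
    """Exhaustively check conclusions A_1, A_2 and B of Lemma 1."""
    for m1, m2, c1, c2 in product(Mark, Mark, (True, False), (True, False)):
        c = {"s1": c1, "s2": c2}
        # assumptions u_i : m_i = ff -> not |C|^x_{s_i}
        if (m1 is Mark.FF and c1) or (m2 is Mark.FF and c2):
            continue
        s, m = gamma(c.get, ("s1", m1), ("s2", m2))
        premise = m is Mark.TT or c[s]  # m != tt -> |C|^x_s
        a_ok = all(not premise or mi is Mark.TT or c[si]
                   for si, mi in (("s1", m1), ("s2", m2)))
        b_ok = not (m is Mark.FF and c[s])  # m = ff -> not |C|^x_s
        if not (a_ok and b_ok):
            return False
    return True


def search_unmarked(cands, fallback, holds):
    """Unmarked operator with t1 the new candidate and t2 the result so far:
    every candidate is checked and the last refuting one wins."""
    acc, checks = fallback, 0
    for s in cands:
        checks += 1
        acc = acc if holds(s) else s
    return acc, checks


def search_marked(cands, fallback, holds):
    """Same fold with gamma: after a candidate is marked ff no check runs."""
    acc, checks = (fallback, Mark.BOT), 0

    def counted(s):
        nonlocal checks
        checks += 1
        return holds(s)

    for s in cands:
        acc = gamma(counted, (s, Mark.BOT), acc)
    return acc, checks


if __name__ == "__main__":
    # Constructed sample: C(s) holds iff s*s < 50, so s = 8 is the first refutation.
    small = lambda s: s * s < 50
    print(case_table()[(Mark.BOT, Mark.BOT)], lemma_holds())
    print(search_unmarked(range(1000), -1, small))
    print(search_marked(range(1000), -1, small))
```

On the constructed input the unmarked fold performs one check per candidate and returns the last refuting candidate, while the marked fold stops checking after the first one.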

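We will prove soundness for the modified variant of the Dialectica interpretation using the constructions
$[\![M]\!]$, $[\![M]\!]^+$, $[\![M]\!]^-$ from Theorem 1. Their types will be as follows:

$$[\![M]\!] : \rho^-(A) \Rightarrow o, \qquad [\![M]\!]^+ : \rho^+(A), \qquad [\![M]\!]^-_i : \rho^{\ominus}(C_i).$$

Theorem 2 (Soundness of counterexample marking). Let $\mathcal{P} : A$ be a proof from assumptions $u_i : C_i$.
Let $x_i : \rho^*(C_i)$ and $y_A : \rho^-(A)$ be fresh variables. Then there is a term $\{|\mathcal{P}|\}$, satisfying the following
conditions:

i. we can prove $|A|^{\{|\mathcal{P}|\}^+}_{y_A}$ from $(m_i \neq \mathrm{tt} \to |C_i|^{x_i}_{s_i})$,
ii. we can prove $m_i = \mathrm{ff} \to \neg|C_i|^{x_i}_{s_i}$,
iii. $\mathrm{FV}(\{|\mathcal{P}|\}) \subseteq \mathrm{FV}(\mathcal{P}) \cup \{x_i\}$,
iv. $[\{|\mathcal{P}|\}] = K([\mathcal{P}] + \|\mathcal{P}\|^2)$ for a fixed constant $K$, not depending on $\mathcal{P}$,

where $s_i \blacktriangleright m_i = \{|\mathcal{P}|\}^-_i y_A$.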
Proof. The proof is a modification of the argument needed for Theorem 1.

Case $u : A$. We set as before $[\![\mathcal{P}]\!] := \lambda y_A\, []$, $[\![\mathcal{P}]\!]^+ := x_u y_A$ and set $[\![\mathcal{P}]\!]^-_u := y_A \blacktriangleright \bot$. Then $\{|\mathcal{P}|\}^+ =
\lambda y_A\, x_u y_A = x_u$ and $\{|\mathcal{P}|\}^-_u y_A = y_A \blacktriangleright \bot$. The assumption premise $m_u \neq \mathrm{tt}$ holds, which is enough to
conclude that $|A|^{x_u}_{y_A}$. On the other hand $m_u \neq \mathrm{ff}$, which makes the second condition trivially true. The size
bounds and the variable condition also hold as in Theorem 1.

Case $\lambda u^B M^C$. Let us denote $s_i \blacktriangleright m_i = \{|M|\}^-_i y_C$ for $i$ ranging over all assumption variables of $M$,
including $u$. By induction hypothesis we have a proof of $|C|^{\{|M|\}^+}_{y_C}$ from $m_u \neq \mathrm{tt} \to |B|^{x_u}_{s_u}$ and $m_i \neq \mathrm{tt} \to
|C_i|^{x_i}_{s_i}$ as well as proofs of $m_u = \mathrm{ff} \to \neg|B|^{x_u}_{s_u}$ and $m_i = \mathrm{ff} \to \neg|C_i|^{x_i}_{s_i}$. The extracted terms which work for
Theorem 1 are still applicable:



Aja let x H := j a l in [Mj (> A _ 

Mr- 



However, we consider an additional special case: if $u \notin \mathrm{FA}(M)$, then we set $[\![M]\!]^-_u := U \blacktriangleright \mathrm{tt}$, where $U$ is
an arbitrary term of type $\rho^-(B)$. Substituting $y_A$ with $(x_u, y_C)$, it suffices to prove

1. $|B|^{x_u}_{s_u} \to |C|^{\{|M|\}^+}_{y_C}$ from $m_i \neq \mathrm{tt} \to |C_i|^{x_i}_{s_i}$,

2. $m_i = \mathrm{ff} \to \neg|C_i|^{x_i}_{s_i}$.

2 follows directly from our induction hypothesis and for 1 we consider subcases on $m_u$. The case $m_u = \bot$
is proved as in ifToll . If $m_u = \mathrm{ff}$ then by induction hypothesis we have $\neg|B|^{x_u}_{s_u}$ and we can conclude using
efq. Finally, if $u \notin \mathrm{FA}(M)$ or $m_u = \mathrm{tt}$, then by induction hypothesis we can actually prove $|C|^{\{|M|\}^+}_{y_C}$
without using the assumption $m_u \neq \mathrm{tt} \to |B|^{x_u}_{s_u}$. Therefore we can conclude by using the same proof with
a void implication introduction.

Case $M^{B \to A} N^B$. We define $[\![\mathcal{P}]\!]^+$ and $[\![\mathcal{P}]\!]^-_i$ essentially as in Theorem 1, with the only difference
that we redefine the case distinction operator $\bowtie$ used to combine the negative extracted terms of
type $\rho^{\ominus}(C_i)$ as follows:

$$t_1 \bowtie t_2 := \begin{cases} t_1, & \text{if } u_i \notin \mathrm{FA}(N), \\ t_2, & \text{if } u_i \notin \mathrm{FA}(M), \\ \Gamma^{x_i}_{C_i}\, t_1\, t_2, & \text{otherwise.} \end{cases}$$

The results from Lemma 1 are sufficient to conclude the proof.

Cases $\lambda x^\rho M^B$ and $M^{\forall x^\rho B}\, t$. The proof of the same case in Theorem 1 still applies, because in both
cases we neither remove nor introduce assumptions.

Case $\mathrm{Ind}^{\mathbb{B}}_{A(b)}\, b\, M^{A(\mathrm{tt})} N^{A(\mathrm{ff})}$. We define the extracted terms as in Theorem 1 with the only change
that $\bowtie$ is again defined as above. Lemma 1 allows us to apply the usual soundness proof for this case.

Case $\mathrm{Ind}^{\mathbb{N}}_{A(n)}\, n\, M^{A(0)}\, (\lambda n, u^{A(n)}\, N^{A(n+1)})$. By induction hypothesis we have:



\Si ' 



a proof M' of |A(0) from m { / tt -»• |C/| 

proofs M- of rnt = ff -»• -i \Q |* , 

a proof iV"' of \A(n + 1) | Jf l}+ from n,- / tt -> |Q |* and 

n M ^tt^|A(n)|^ ; 
proofs N- of m = ff -. \Q \ x \ ,
a proof N'l of n u = ff -»■ -< |A(n) £ , 

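where $s_i \blacktriangleright m_i = \{|M|\}^-_i y_A$ and $r_j \blacktriangleright n_j = \{|N|\}^-_j y_A$ for $i$ and $j$ ranging over $\mathrm{FA}(M)$ and $\mathrm{FA}(N)$,
respectively.

We define the extracted terms $[\![\mathcal{P}]\!]^+$ and $[\![\mathcal{P}]\!]^-_i$ as in Theorem 1, but using the marker-aware
variant of $\bowtie$. We have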

{|^|}[n:=0] ±{\M\} (*) 

{| ^|}+ [n := n + 1] = let x M := {| ^|} in {|JV|} + , 

{|^|}r [„ :=n + l]y 4 ^ letx H := {\&\} in {|^|}r^«{|^|}r({l^l}^A). 

Let us denote $t_i \blacktriangleright p_i = \{|\mathcal{P}|\}^-_i y_A$. To prove soundness of the term $\{|\mathcal{P}|\}$ we will use induction on $n$
to prove the formulas


F(n):=Wy A U/\( Pi ^n^\C^; 
din) := Vja (pi = ff ->• -i \Ci\ x t . 



|A| 



{|^|}+ 



For $n = 0$ we can directly use the proofs $M'$ and $M''_i$ from the induction hypothesis, with the necessary
implication introductions. Now let us assume $F(n)$ and $G_i(n)$, fix $y_A$ and the premises $p_i^+ \neq \mathrm{tt} \to |C_i|^{x_i}_{t_i^+}$,
where $t_i^+ \blacktriangleright p_i^+ = \{|\mathcal{P}|\}^-_i[n := n + 1]\, y_A$. By (*) and the properties of $\bowtie$ from Lemma 1 we can conclude



n/E^ttJ-HCifts, (!) 
A .tyA:=r„S]/tt)^|Q|^ (S] , (2) 

where E:= [*„ := {|<^|}+] . 

G,(n + 1) can be shown from the proofs N'/ and G ; -(n) instantiated with y^ := r u E by using ([*]) and 
Lemma [I] To prove F(n+ 1) we start by using the induction hypothesis F(n) for yA := r u E and ((2]) to 

obtain A ~ . In order to continue further, we need to consider subcases on n u E. 

In case n„E = _L, by ([TJ) we have all premises of WE, thus we can conclude | A |JI^ + [" : =" +1 ], which 
was to be shown. 

In case n u E = ff, we can use N'JE to derive a contradiction and conclude by using efq. 

In case n u E = tt, the premise n u Z / tt — > |A(n)|*" E of N'Z is trivially true and by ([TJ) we have all 

other premises, hence \A$f^ l n:=n+1 \ □ 



6 Conclusion and future work 

The presented variant of the Dialectica interpretation interleaves extracted programs with additional
information, which is utilised during evaluation in order to omit redundant calculations. Other kinds of
redundancies can be avoided by means of uniform annotations, as described in |HJ[T2|. It can be argued
that extensions of such technical nature may obscure the obtained computational content. However, such
ideas seem to be practically applicable when implementing an automatic extraction method, with the
goal to find a correct program which is not less efficient than a non-verified hand-written program. A
topic of further investigation would be to find a suitable combination of the refined uniform
annotations described in [15] and the current extension of the interpretation.